CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Firewall Module - Add Framework

Browse Source
This commit is contained in:
Mike Reeves
2018-06-22 08:47:33 -04:00
parent 93916ba358
commit b756a72e30
4 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pillar/firewall/analyst.sls Normal file
View File

@@ -0,0 +1,2 @@
analyst:
- 127.0.0.1

2
pillar/firewall/beats_endpoint.sls Normal file
View File

@@ -0,0 +1,2 @@
beats_endpoint:
- 127.0.0.1

2
pillar/firewall/forward_nodes.sls Normal file
View File

@@ -0,0 +1,2 @@
forward_nodes:
- 127.0.0.1

21
salt/firewall/init.sls
View File

@@ -104,6 +104,27 @@ enable_salt_minions_3142_{{ip}}:
- position: 1 - position: 1
- save: True - save: True
{% endfor %}
# Allow Forward Nodes to send their beats traffic
{% for ip in pillar.get('forward_nodes') %}
enable_salt_minions_5044_{{ip}}:
iptables.insert:
- table: filter
- chain: DOCKER-USER
- jump: ACCEPT
- proto: tcp
- source: {{ ip }}
- dport: 5044
- position: 1
- save: True
{% endfor %}
# Allow Forward Nodes to send their beats traffic
{% for ip in pillar.get('beats_endpoint') %}
enable_salt_minions_5044_{{ip}}: enable_salt_minions_5044_{{ip}}:
iptables.insert: iptables.insert:
- table: filter - table: filter